search

Byron / prodash

report progress of concurrent applications and display it in various ways
https://docs.rs/prodash
MIT License
354 stars 9 forks source link

ci: add dependabot config #30

Open joshka opened 7 months ago

joshka commented 6 months ago

Could you set this up to only trigger when there are major (or minor, in case of pre-production) updates? Otherwise this bot creates a lot of noise for patch and minor updates that Cargo resolves automatically to when it matters.

I'm not 100% sure whether github does the right thing for cargo semver (x.y.z = major.minor.patch, 0.x.y = 0.major.minor). I suspect that github will see this as (x.y.z = major.minor.patch and 0.minor.patch). So I'd suggest patching using the minor version. Does that make sense to you?

Byron commented 6 months ago

I see what you mean, and I was surprised that the docs didn't mention such a thing at all beyond ignoring updates. But then it would have to be configured for each dependency, apparently. There is also grouping with additional rules, but it all seems rather complicated.

Since I am sure you had a particular reason for this, maybe to automate updates of ratatui, maybe we can keep this a manual process? I don't really want to update every time there is a new release, but am happy to accept PRs or update myself if there is demand for seeing a particular version here. From my point of view, it's churn, as nothing here uses advanced features.

Thanks for your understanding.

joshka commented 6 months ago

Yeah the motivation was that ratatui 0.26.0 has a few bugs. I often hit the top dependents in the reverse dependencies list of ratatui and take a look at what needs to be done to upgrade (to get a real world feel for any breaking changes). The list is sorted by downloads, so this crate is right up there. For this I figured perhaps Dependabot might be more useful in getting the various crates in order. We turned on grouping updates in the ratatui website and that does help a lot with the quantity of notifications.

Byron commented 6 months ago

I see, thank you.

I think the statistics there are somewhat misleading as the feature powered by ratatui is very rarely used, while the download count is inflated by gitoxide. So in practice, this crate probably isn't very important.

But since it's about ratatui, maybe you can adjust the ignore rules to only trigger on minor updates of this crate?